On Thu, 27 Sep 2007 08:22:31 +0300, Henrik Krohns wrote:
> On Thu, Sep 27, 2007 at 05:11:09AM +, micah wrote:
>> On Thu, 27 Sep 2007 07:48:02 +0300, Henrik Krohns wrote:
>>
>> > On Thu, Sep 27, 2007 at 03:27:51AM +, micah wrote:
>> >> On Wed, 26 Sep 2007 17:54:05 -0700, John D. Hardin wro
On Thu, 27 Sep 2007, Olivier Nicole wrote:
> But here is the question, with milter call, how to manage things like
> per user whitelist? As SA is run only once for all the recipients, it
> should go on a common set of rules.
In the general case, with a milter (or most in-line filtering)
per-user
On Thu, 27 Sep 2007 05:11:09 +, micah wrote:
> On Thu, 27 Sep 2007 07:48:02 +0300, Henrik Krohns wrote:
>
>> On Thu, Sep 27, 2007 at 03:27:51AM +, micah wrote:
>>> On Wed, 26 Sep 2007 17:54:05 -0700, John D. Hardin wrote:
>>>
>>> > On Wed, 26 Sep 2007, Micah Anderson wrote:
>>> >
>>> >>
On Thu, 27 Sep 2007 07:48:02 +0300, Henrik Krohns wrote:
> On Thu, Sep 27, 2007 at 03:27:51AM +, micah wrote:
>> On Wed, 26 Sep 2007 17:54:05 -0700, John D. Hardin wrote:
>>
>> > On Wed, 26 Sep 2007, Micah Anderson wrote:
>> >
>> >> SELECT count(*)
>> >>FROM bayes_token
>> >>
micah wrote:
> On Wed, 26 Sep 2007 17:54:05 -0700, John D. Hardin wrote:
>
>> On Wed, 26 Sep 2007, Micah Anderson wrote:
>>
>>> SELECT count(*)
>>>FROM bayes_token
>>> WHERE id = '4'
>>> AND ('1190846660' - atime) > '345600';
>> Who the hell wrote *tha
On Wed, 26 Sep 2007 17:54:05 -0700, John D. Hardin wrote:
> On Wed, 26 Sep 2007, Micah Anderson wrote:
>
>> SELECT count(*)
>>FROM bayes_token
>> WHERE id = '4'
>> AND ('1190846660' - atime) > '345600';
>
> Who the hell wrote *that* query? Is MySQL s
> Okay. Can a milter be used with MySQL? The docs seem to indicate
> not.
That is not milter that use MySQl, but SA. Milter is just one way to
activate SA. SA can use MySQL, whether it is called from Procmail or
from Milter.
(I beleive Milter-SA is just calling spamd actually).
Olivier
And amavisd user mysql for wblisting and policy banks .
--
Michael Scheidell, CTO
Office: 561-999-5000 x 1259
Direct: 561-939-7259
Real time security alerts: http://www.secnap.com/news
_
This email has been scanned and certi
Plug for amavisd:
Google for amavisd-new.
It can handle per user wblists, policies, quarantining, etc.
--
Michael Scheidell, CTO
Office: 561-999-5000 x 1259
Direct: 561-939-7259
Real time security alerts: http://www.secnap.com/news
___
On Thu, 27 Sep 2007 09:00:51 +0700 (ICT)
Olivier Nicole <[EMAIL PROTECTED]> wrote:
> > I have a question. Is there any advantage to using say,
> > Spamass-Milter over calling spamc from procmail?
>
> I have a bit of answer and one further question.
>
> If the message is sent to a local list of
> I have a question. Is there any advantage to using say,
> Spamass-Milter over calling spamc from procmail?
I have a bit of answer and one further question.
If the message is sent to a local list of recipients (a list managed
on your email server), procmail call will launch SA for each and ever
On Wed, 26 Sep 2007 17:50:13 -0700 (PPT)
"John D. Hardin" <[EMAIL PROTECTED]> wrote:
> On Wed, 26 Sep 2007, Raquel wrote:
>
> > I have a question. Is there any advantage to using say,
> > Spamass-Milter over calling spamc from procmail?
>
> Using a milter allows you to reject the message during
On Wed, 26 Sep 2007, Micah Anderson wrote:
> SELECT count(*)
>FROM bayes_token
> WHERE id = '4'
> AND ('1190846660' - atime) > '345600';
Who the hell wrote *that* query? Is MySQL smart enough to rearrange
that equation to give an indexable comparison
On Wed, 26 Sep 2007, Raquel wrote:
> I have a question. Is there any advantage to using say,
> Spamass-Milter over calling spamc from procmail?
Using a milter allows you to reject the message during the SMTP
conversation. The value of that is, it's far better than generating a
bounce message if
I was having problems with scalability with my bayes DB, so I read up on
the mailing list and found that it was recommended to switch to the
innodb storage engine because of the row-level locking (versus the
table-level locking that comes with MyISAM). Sounds great. So I
switched, and everything w
Thanks for the explanation, but I think you are missing the point here.
What is reasonable and what will cause a block?
An individual may well issue 100 queries a day for research. Not many
have the time to do tens of thousands+ a day (or more). Any system that
does will likely fall into the AU
I have a question. Is there any advantage to using say,
Spamass-Milter over calling spamc from procmail?
--
Raquel
This above all: to thine own self be true; And it must follow, as
the night the day; Thou canst not then be false to any
> -Messaggio originale-
> Da: Dave Koontz [mailto:[EMAIL PROTECTED]
> Inviato: giovedì 27 settembre 2007 0.50
>
> If nothing else, you should likely add a disclaimer to your rules as
> you
> can't control the threshold at which a site may be blocked for
> excessive
> queries. I doubt that
> -Messaggio originale-
> Da: Michele Neylon :: Blacknight [mailto:[EMAIL PROTECTED]
> Inviato: giovedì 27 settembre 2007 0.55
>
> Giampaolo Tomassoni wrote:
> >> -Messaggio originale-
> >> Da: Michele Neylon :: Blacknight [mailto:[EMAIL PROTECTED]
> >>
> >> That refers to pretty m
At 15:32 26-09-2007, Giampaolo Tomassoni wrote:
It depends upon how many e-mail you scan. In about 24h I just issued more or
less 100 queries to the to several TLDs' whois servers. What is it, 10
queries per TLD? It doesn't seem too much to me... Also note today I'm
probably not going to get the
tuxbeagle wrote:
>
> These last two appear to be what I am trying to achieve, but am not sure how
> to set up the "New Mail Server with SA" and put it transparently between the
> "Mail Server" and internet.
>
You don't do it "transparently".. you configure forwarding as
appropriate on each ser
If nothing else, you should likely add a disclaimer to your rules as you
can't control the threshold at which a site may be blocked for excessive
queries. I doubt that most users on this list have email volumes as low
as yours (100?), and will go well above the thresholds you've tested. I
am a wh
Giampaolo Tomassoni wrote:
-Messaggio originale-
Da: Michele Neylon :: Blacknight [mailto:[EMAIL PROTECTED]
That refers to pretty much all TLDs and ccTLDs
If you want to go slamming registry and registrar whois servers in an
automated fashion you will get blacklisted by them all and bl
> -Messaggio originale-
> Da: Michele Neylon :: Blacknight [mailto:[EMAIL PROTECTED]
>
> That refers to pretty much all TLDs and ccTLDs
>
> If you want to go slamming registry and registrar whois servers in an
> automated fashion you will get blacklisted by them all and blocked
I don't
Thanks,
Knowing what to search for helps.
The first document I started reading has an installation where spam is
filtered to a specific user 'spammy'. I hope that there is a way to just
tag the spam in the header and let the user filter locally.
Gary V-2 wrote:
>
>
>> Matt Kettler-3 wrote:
>
Giampaolo Tomassoni wrote:
This means nothing: what is a "high volume"? Also, you normally use the
"whois" command. Isn't it an "automated, electronic process"? They are to
say: "If we like to ban you, don't scream!".
These terms comes from early internet ages, when spammers were used to
scaven
> -Messaggio originale-
> Da: John D. Hardin [mailto:[EMAIL PROTECTED]
>
> On Wed, 26 Sep 2007, Giampaolo Tomassoni wrote:
>
> > So, I don't see the problem here: we are attempting to obtain
> > information about or related to a domain name registration record.
>
> Doing it over and over
At 13:48 26-09-2007, Giampaolo Tomassoni wrote:
These terms depend upon the registrar offering the service.
However, mostly they say that:
"Whois database is provided by XX for information purposes only,
and to assist persons in obtaining information about or related to a
On Wed, 26 Sep 2007, Giampaolo Tomassoni wrote:
> So, I don't see the problem here: we are attempting to obtain
> information about or related to a domain name registration record.
Doing it over and over and over from an automated tool can be
considered abusive when the service was intended to an
> -Messaggio originale-
> Da: Daryl C. W. O'Shea [mailto:[EMAIL PROTECTED]
> > However, mostly they say that:
> >
> > "Whois database is provided by XX for information purposes
> only,
> > and to assist persons in obtaining information about or related
> to a
> > domain name
Giampaolo Tomassoni wrote:
-Messaggio originale-
Da: SM [mailto:[EMAIL PROTECTED]
At 08:56 26-09-2007, Robert - elists wrote:
Become a registrar and bam! More data to help you cause
Access to Whois data is not limited to registrars only.
I suggest reading the Whois terms of service be
> -Messaggio originale-
> Da: SM [mailto:[EMAIL PROTECTED]
>
> At 08:56 26-09-2007, Robert - elists wrote:
> >Become a registrar and bam! More data to help you cause
>
> Access to Whois data is not limited to registrars only.
>
> I suggest reading the Whois terms of service before enabli
At 08:56 26-09-2007, Robert - elists wrote:
Become a registrar and bam! More data to help you cause
Access to Whois data is not limited to registrars only.
I suggest reading the Whois terms of service before enabling this plugin.
Regards,
-sm
I'm noticing that the spam-filtering that is done by SA when the 'Spam
Filtering' is turned on in Ensim Pro X is a little more thorough than that
done when SA is called by MailScanner (later in the cycle). I suppose I'll
have to dig around some more to see if there is another .conf file or two
that
On Wed, 26 Sep 2007, John Calvert wrote:
> I have decided to restart this whole process... setting the bayes
> database back to its initial state & deleting auto-whitelist file.
>
> Is it good to use a bayes starter DB ? If so, where can I get a
> good one.
It's not generally a good idea to use
John D. Hardin wrote:
On Wed, 26 Sep 2007, John Calvert wrote:
I see no "-L" or "--local" anywhere. See below...
# Source spamd configuration.
if [ -f /etc/sysconfig/spamassassin ] ; then
. /etc/sysconfig/spamassassin
fi
You'll also want
> -Messaggio originale-
> Da: Robert - elists [mailto:[EMAIL PROTECTED]
>
>
> >
> > DOB, for example, is run by ar.com, who are a registrar. Since they
> are a
> > domain registrar, they have full, direct access to the whois
> database.
> >
> > Jeff C.
> >
>
> Well there ya go Jeff...
>
> Matt Kettler-3 wrote:
>>
>> tuxbeagle wrote:
>>> I am trying to find a mail proxy/spamassassin solution for 2 situations.
>>> Situation 1 is
>>> Mail Server --> Mail Proxy --> Internet
>>>
>>> Situation 2 is
>>> Mail Client --> Mail Proxy --> Mail Server
>>>
>>> Mail Proxy is on a seperate serve
Robert - elists writes:
>
> >
> > DOB, for example, is run by ar.com, who are a registrar. Since they are a
> > domain registrar, they have full, direct access to the whois database.
> >
> > Jeff C.
> >
>
> Well there ya go Jeff...
>
> Become a registrar and bam! More data to help you cause
On Wed, 26 Sep 2007 08:29:27 -0600
James Lay <[EMAIL PROTECTED]> wrote:
> Hello all!
>
> I saw a post a couple days ago about converting to MySQL with
> SpamAssassin and wondered what the purpose would be for that?
> Just reporting? And if so, is there a reporting package for use
> with MySQL a
>
> Thats the easy answer, but do you know what it costs to become a
> registrar?
>
> Just for com/net from verisign you have $6500 up front, and $4k
> recurring. To get your icann credentials, you have $2500 up front with
> application, $4k yearly. A variable fee to icann once you start
> re
Robert - elists wrote:
DOB, for example, is run by ar.com, who are a registrar. Since they are a
domain registrar, they have full, direct access to the whois database.
Jeff C.
Well there ya go Jeff...
Become a registrar and bam! More data to help you cause
Thats the easy answer,
Jean-Paul Natola wrote:
> Hi all
>
> I was just checking headers on messages that were flagged ( by my own rules
> in outlook) and I'm curious as to what exactly it means
>
I dono, what do your outlook rules do?
> _cbl.abuseat.org_TIMEOUT ,
>__dnsbl.njabl.org_TIMEOUT , __sbl.sp
On Wed, 26 Sep 2007, John Calvert wrote:
> I see no "-L" or "--local" anywhere. See below...
> # Source spamd configuration.
> if [ -f /etc/sysconfig/spamassassin ] ; then
> . /etc/sysconfig/spamassassin
> fi
You'll also want to look in /etc/sysconfig/spamassassin
--
John Hardin KA7O
John D. Hardin wrote:
On Tue, 25 Sep 2007, feral wrote:
Where is this configuration file?
Probably under /etc/mail/spamassassin
John Hardin wrote:
Look for the command line that starts SA. If "-L" or "--local"
appears, network tests have
Matt Kettler-3 wrote:
>
> tuxbeagle wrote:
>> I am trying to find a mail proxy/spamassassin solution for 2 situations.
>> Situation 1 is
>> Mail Server --> Mail Proxy --> Internet
>>
>> Situation 2 is
>> Mail Client --> Mail Proxy --> Mail Server
>>
>> Mail Proxy is on a seperate serve
>
> DOB, for example, is run by ar.com, who are a registrar. Since they are a
> domain registrar, they have full, direct access to the whois database.
>
> Jeff C.
>
Well there ya go Jeff...
Become a registrar and bam! More data to help you cause
- rh
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
> the issue covered by the
> URIWhois plugin would be much more efficiently solved by a centralized
> solution, in which "someone" gathers registration data from registars (maybe
> even not through whois, but through direct db access) and then publi
Quoting Giampaolo Tomassoni <[EMAIL PROTECTED]>:
> How do they "handle these domains in a centralized way"? Do they simply
> relay a whois request for not-yet-seen domains? Because in this case they
> have to tune their whois parsers a bit: dob.sibl.support-intelligence.net,
> in example, reports
On 9/26/07 8:50 AM, "Chris St. Pierre" <[EMAIL PROTECTED]> wrote:
> On Wed, 26 Sep 2007, James Lay wrote:
>
>> I saw a post a couple days ago about converting to MySQL with SpamAssassin
>> and wondered what the purpose would be for that? Just reporting? And if
>> so, is there a reporting pac
On Wed, 26 Sep 2007, James Lay wrote:
I saw a post a couple days ago about converting to MySQL with SpamAssassin
and wondered what the purpose would be for that? Just reporting? And if
so, is there a reporting package for use with MySQL and SpamAssassin?
Thanks for the assist.
We have more t
On 24.09.07 18:13, Matus UHLAR - fantomas wrote:
> our customers match FH_HOST_ALMOST_IP even when their DNS contains word
> 'static':
>
> X-Spam-Report:
> * 3.8 FH_HOST_ALMOST_IP The host almost looks like an IP addr.
>
> Received: from ksd (static-081-024-203.dsl.nextra.sk [212.81.24.2
Hello,
On 24.09.07 18:52, Matus UHLAR - fantomas wrote:
> is it correct and by a reason, when two similar rules, like
> FH_DATE_PAST_20XX and DATE_IN_FUTURE_96_XX both match, causing the same
> problem to score 7.3 ?
>
> X-Spam-Report:
> * 3.4 FH_DATE_PAST_20XX The date is grossly in the
Hello all!
I saw a post a couple days ago about converting to MySQL with SpamAssassin
and wondered what the purpose would be for that? Just reporting? And if
so, is there a reporting package for use with MySQL and SpamAssassin?
Thanks for the assist.
James
Oh, my! I forgot the link to URIWhois-0.02.
Here it goes:
http://www.tomassoni.biz/download/URIWhois-0.02.tar.bz2
Sorry for bothering you again.
Giampaolo
> -Messaggio originale-
> Da: Giampaolo Tomassoni [mailto:[EMAIL PROTECTED]
> Inviato: mercoledì 26 settembre 2007 15.11
>
Dears,
I got some feedback from people failing to successfully run the URIWhois
plugin.
It seems to me these are installation issues, so I just prepared version
0.02 of this plugin, which basically borrows an INSTALL.txt file in which I
attempt to explain how to correctly install the plugin. Also
thanks again, very good and complete list of best practices !
cheers,
maurizio
On dom, 2007-09-23 at 22:53 +0200, mouss wrote:
> think it is good in the case of mass mailers.
> otherwise, "miscreants" may nuke your reputation. and if you send mail
> to hotmail, you'd better have S
> -Messaggio originale-
> Da: Jeff Chan [mailto:[EMAIL PROTECTED]
>
> In principle, this is a good concept; using domain whois data to spot
> bad
> domains can be useful.
>
> In practice, it's a really, really, really bad idea since the public
> whois
> infrastructure is not designed for
Dietmar Braun wrote:
DJM> http://www.postfix.org/postconf.5.html#always_bcc
Hm, I tried that, but it doesn't work, because it the configuration
should be dependent of the recipient domain...
[please ask on the postfix users list, instead of here]
then you should say what exactly you want t
Tuesday, September 25, 2007, 2:15:54 PM, you wrote:
DJM> http://www.postfix.org/uce.html#smtpd_client_restrictions
Additionally, this rejects RBL listed mails - but I want to discard
them to /dev/null...
Thanks,
Dietmar
--
NetCologne Gesellschaft fuer Telekommunikation mbH
Am Coloneum 9, 50829
Tuesday, September 25, 2007, 2:15:54 PM, you wrote:
>> - all mails coming from hosts on a RBL should be /dev/nulled
DJM> http://www.postfix.org/uce.html#smtpd_client_restrictions
>> - all other mails should be forwarded to another email address not on
>> the same server
DJM> http://www.postfix.or
Jeff Chan wrote:
In principle, this is a good concept; using domain whois data to spot bad
domains can be useful.
In practice, it's a really, really, really bad idea since the public whois
infrastructure is not designed for this kind of high volume use. If many
people did it, it would result
62 matches
Mail list logo
